FaaS
Definition
Function as a Service (FaaS) is a cloud computing service model that allows developers to execute code in response to events without managing server infrastructure. It is a key component of serverless architectures, enabling automatic scaling and billing based on the actual compute time consumed. FaaS platforms, such as AWS Lambda, Azure Functions, and Google Cloud Functions, abstract away the underlying server management, allowing developers to focus solely on writing and deploying code.
Secure Settings Example
# AWS Lambda function configuration using AWS SAM (Serverless Application Model)
Resources:
MySecureFunction:
Type: AWS::Serverless::Function
Properties:
Handler: index.handler
Runtime: nodejs14.x
Policies:
- AWSLambdaBasicExecutionRole
Environment:
Variables:
NODE_ENV: production
VpcConfig:
SecurityGroupIds:
- sg-0123456789abcdef0
SubnetIds:
- subnet-0123456789abcdef0
Tracing: Active
Timeout: 10
MemorySize: 128
Insecure Settings Example
# AWS Lambda function configuration with insecure settings
Resources:
MyInsecureFunction:
Type: AWS::Serverless::Function
Properties:
Handler: index.handler
Runtime: nodejs14.x
Policies:
- arn:aws:iam::aws:policy/AdministratorAccess # Overly permissive policy
Environment:
Variables:
NODE_ENV: development
VpcConfig: # Missing VPC configuration
Tracing: PassThrough # Tracing not fully enabled
Timeout: 300 # Excessive timeout
MemorySize: 1024 # Excessive memory allocation